autoenable security for compute special remote

Added annex.security.autoenable-compute-programs and only allow
autoenabling special remotes that use compute programs on that list.

The reason this is needed is a user might have some compute programs
that are less safe to use than others. They might want to use an unsafe
one only with one repository, where they are the only committer or other
committers are trusted. They might be ok with others being used by any
repository, and if so they can add them to the list.

Another reason would be a user who has installed a compute program by
accident. Eg, it might be included with git-annex at some point, or
pulled in by some dependency. That user doesn't necessarily want that
compute program to be used in an autoenabled special remote.

Types/GitConfig.hs

@@ -146,6 +146,7 @@ data GitConfig = GitConfig
 	, annexAllowedUrlSchemes :: S.Set Scheme
 	, annexAllowedIPAddresses :: String
 	, annexAllowUnverifiedDownloads :: Bool
+	, annexAutoEnableComputePrograms :: Maybe String
 	, annexMaxExtensionLength :: Maybe Int
 	, annexMaxExtensions :: Maybe Int
 	, annexJobs :: Concurrency
@@ -261,6 +262,8 @@ extractGitConfig configsource r = GitConfig
 		getmaybe (annexConfig "security.allowed-http-addresses") -- old name
 	, annexAllowUnverifiedDownloads = (== Just "ACKTHPPT") $
 		getmaybe (annexConfig "security.allow-unverified-downloads")
+	, annexAutoEnableComputePrograms =
+		getmaybe (annexConfig "security.autoenable-compute-programs")
 	, annexMaxExtensionLength = getmayberead (annexConfig "maxextensionlength")
 	, annexMaxExtensions = getmayberead (annexConfig "maxextensions")
 	, annexJobs = fromMaybe NonConcurrent $